In the Linux kernel, the following vulnerability has been resolved:
rtc: tps6594: Fix integer overflow on 32bit systems
The problem is this multiply in tps6594_rtc_set_offset()
tmp = offset * TICKS_PER_HOUR;
The "tmp" variable is an s64 but "offset" is a long in the
(-277774)-277774 range. On 32bit systems a long can hold numbers up to
approximately two billion. The number of TICKS_PER_HOUR is really large,
(32768 * 3600) or roughly a hundred million. When you start multiplying
by a hundred million it doesn't take long to overflow the two billion
mark.
Probably the safest way to fix this is to change the type of
TICKS_PER_HOUR to long long because it's such a large number.
CVE ID: CVE-2024-57953
Vendor: Linux, Linux
Product: Linux, Linux
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 1.68% (scored less or equal to compared to others)
EPSS Date: 2025-03-27 (when was this score calculated)